A multi-tenant environment refers to a technology wherein a single storage system is deployed to serve multiple customers, each customer using the same storage system for their protection storage requirements. A storage system, which supports multi-tenants, must satisfy the security and isolation requirements. Here, the “security and isolation requirements” refer to the requirements that each customer's dataset must be secured and isolated from the other customers on the storage component. The security and isolation requirements apply to the authentication and authorization of customers that request data access. For example, a customer (e.g., a tenant) must not be able to enter another customer's data sets, or read or write to data sets that belong to another customer. The security and isolation requirements can also refer to managing access control. For example, an administrator of one customer must not be able to perform system configuration, monitoring, etc., of the datasets that belong to another customer. Thus, although the customers may share the same storage system for authenticating, authorizing, backing up, restoring, or replicating their datasets, none of the customers can be aware of the presence of other customers in the storage system.
Typically, authentication and authorization are performed based on a set of statically configured access control settings or rules, which are rarely changed or changed less frequently. Such conventional authorization model lacks the necessary flexibility and is unable to meet the needs of various customers due to the lack of flexibility in granting access. Applications treat authorization as an application specific need with an inability to handle multiple applications in a generic manner. The conventional authorization models lead to inefficient internal design and architecture. This leads to poor performance and code workflows as access control evaluation involve complex lookups and matches to user's privileges. What is most apparent from these designs is the inability to support tenancy. The inefficient design limits the ability to support a true multi-tenancy model in that multiple tenants cannot be defined nor can an access control model be enabled that gives tenants control over their own environments.